A word of warning: Note that your security settings will then block ALL calls from that domain for location.href.replace. If any application makes use of that call, there is no way to allow some of the calls and block others.

Setting up CAPS to block location.href.replace

You do not need Greasemonkey for this task. Firefox comes with a built-in capability for allowing/disallowing access to properties/methods of DOM Objects on a per-site basis. It is called Configurable Security Policies (CAPS) and it is described in 1.

A short guide assuming the simplest case:

Close Firefox

Locate your profile folder

Locate the file user.js within this folder. If it does not exist, create it with a text editor (Notepad, vim, etc.)